[kictanet] ACTIVE DEFENSE FOR ADVERSARY PURSUIT

Gichuki John Chuksjonia chuksjonia at gmail.com
Sat Feb 29 21:09:07 EAT 2020


Good evening team,

During the last week we hosted an Active Defense for Adversary Pursuit
training at Naivasha. The training focused on how to detect TTPs, used by
the local adversaries in East and Central Africa. We used a CTI report that
was handed to several Financial institutions on 13th December to enumerate
attacks by these groups and how to fight them out of the infrastructure.
That CTI Report was not shared with all banks but several had it and we
have noted these tools are still active in our infrastructures, and hence
deciding to take it public.

This CTI Report is number 103 released on December 13th 2019 and can be
downloaded on this link.

*http://onnetservices.io/Public/ADVISORY103.pdf
<http://onnetservices.io/Public/ADVISORY103.pdf>*

This CTI report also contains I&Ws (Indicators and Warnings) of breaches
that actually occurred on December, January 2020 and Feb. This CTI was used
for the training at Naivasha and the link below contains the Declassified
version of the class.

*http://onnetservices.io/Public/ADAPClassNaivasha-DeclassifiedForTheCommunity.pdf
<http://onnetservices.io/Public/ADAPClassNaivasha-DeclassifiedForTheCommunity.pdf>*



Let's help each other to defend and minimize breaches in our East and
Central African region by degrading, denying, disrupting and destroying
these Advanced Financial Threats to their tracks.

Thankful,

#FukuzaMwizi
-- 
--
OnNet CTO

http://www.onnetservices.io
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20200229/bc5ca3a7/attachment.htm>


More information about the KICTANet mailing list